Data Protection & Privacy Policy

Introduction

Scribe Construction Management Limited, Company Number 15579984, (referred to in this Policy as ‘we’, ‘us’, ‘our’, or “Scribe” and the “Data Controller”) is committed to respecting the privacy and confidentiality of companies and individuals; including during the use of our website www.scribecms.co.uk and all pages therein (altogether the “Website”).

This Data Protection and Privacy Policy (this “Policy“) describes how we collect and use your personal information, and how, in doing so, we comply with our legal obligations to you.  Your privacy is important to Scribe and we are dedicated to protecting and safeguarding your data privacy rights.

The aim of this Policy is to help you understand how we collect, use and protect your information when, for example, you:
– visit our Website;
– register for information or when you communicate with us in another way, such as by phone, mail or email or when you visit Scribe in person; or
– utilise our services or make customer enquiries.

Scribe provides construction services within the United Kingdom, which may include undertaking and/or managing construction and engineering works.

This Policy is issued for compliance with the Data Protection Act 2018 and the UK General Data Protection Regulation.

This Data Protection and Privacy Policy supplements other Scribe policies, notices and terms (including our Website Use Terms and Conditions and our Cookies Policy as published on our Website) and is not intended to override them.

What Personal Information May We Collect About You?

Most of the information we collect about you is obtained directly from you when you enter it via our Website or write to us. However, we may also collect information about you from public sources or that which we observe, for example via cookies when you visit our Website.

Below we list some of the most common categories of personal information we may collect about you:
– your contact details (including, name, date of birth, title, postal addresses, telephone numbers and email addresses) to keep in touch with you and/or contract with you;
– your image where you choose to upload or share this, for example if you link an image containing personal data to an account profile. This may be removed or changed at your discretion, but you are responsible for and should obtain permission for any content you upload which should comply with relevant terms and conditions of use;
– financial information from an individual and/or supplier in order to fulfil contractual obligations or with a view to entering into a contract with you. This can include your payment and bank details;
– any personal information you choose to give us when contacting Scribe;
– sensitive personal information relating to your health, race or ethnicity, for monitoring equal opportunities and/or to provide you with the necessary support when attending Scribe sites and/or events taking place outside Scribe sites;
– audio, video recordings, live stream footage and/or videography or other image(s), if your consent has been given, in connection with Scribe’s business purposes, for advertising promotion and other commercial purposes; or
– other operational personal data created, obtained, or otherwise processed in the course of carrying out our business activities, including but not limited to, CCTV footage, information gathered via cookies regarding your use of our Website, recordings of telephone conversations, logs of visitors, and logs of accidents, injuries and insurance claims.

How Do We Use Your Personal Information?

Your relationship with us will determine why we collect information about you. We may be required by law to collect certain information or require it in order to perform a contract. We may rely on our legitimate business interests to process your personal data (where this does not override your rights or interests).

We may collect and use your information to:
– effectively respond to and deal with your query in the event that you contact us;
– supply you with goods and/or services that you have requested;
– ensure you see relevant and interesting content on our Website using your electronic information (cookies) in line with our Website Terms and Conditions, as published on our Website;
– report and manage information for budgeting and forecasting;
– process information that is required or requested by regulatory bodies or law enforcement agencies;
– investigate, respond to and/or process any complaints, claims for loss, damage and/or injury;
– prevent and/or detect crime;
– monitor the safety and security of our employees and visitors;
– facilitate your access to our on-site facilities
– obtain your views on Scribe’s services, construction projects or other development proposals;
– notify you of any events we hold which we think may be of interest to you;
– aggregate/process personal data for research, statistical and/or scientific purposes;
– processing audio, video recordings, live stream footage and/or videography or other image(s) to enhance your user experience when using our services or for profile identification, advertising, marketing and/or promotional purposes, where you have given your consent; or
– communicate marketing or other information where you have given your consent.

Who Has Access to Your Personal Information?

Your information will be processed by employees of Scribe in order to fulfil our obligations to you as outlined in this Policy. We may also share your details with third parties including:
– contractors working on behalf of, being managed by, or in partnership with Scribe;
– our third-party suppliers/service providers who perform functions on our behalf under contract to support our systems, operations and/or processes;
– tax, audit, or other authorities, when we believe in good faith that the law or other regulation requires us to share this information; or
– law enforcement or other regulatory bodies who can legally request access to information about you for prevention and detection of crime, the apprehension or prosecution of offenders, and the assessment or collection of tax.

Information Security and International Transfers

Scribe is committed to being transparent and taking all reasonable and appropriate steps to keep your personal information secure and to protect it from misuse, loss, or unauthorised access.

We do this by having in place a range of appropriate technical and organisational measures.

Scribe have a strict selection process when it comes to our suppliers/service providers and our contract terms with third parties ensure your personal information is stored and transferred in a way which is secure.

In the event any of your personal information is required to be transferred to service providers outside the UK and the European Economic Area (EEA), comprising of the the Member states of the European Union plus Norway, Iceland and Liechtenstein, we will take all reasonable steps to ensure that your personal data is processed securely. We will only agree to the transfer of personal information outside the UK and EEA where this is compliant with applicable data protection legislation and where the means of transfer provides adequate safeguards in relation to your personal information.

If you use any of our services that are provided by or supported by third parties, please ensure you refer the privacy notice(s) published by those third parties to understand how your data is used and shared when doing so and to any related terms and conditions of use.

How Long Will You Keep My Personal Information?

Information is only kept as long as necessary for the period it is required. When deciding how long we keep your information we take into account any minimum retention requirements set out in law; for example, financial and statutory reporting requirements mean we must keep certain records for a period of 7 years. Depending on the purpose for which we hold your hold your personal data, retention periods may vary and some data may be stored for longer than the stated retention period for the purposes of business continuity. Any CCTV footage from a Scribe site is generally held securely for 28 days (unless there are grounds for preserving it) and data relating to visitors to any Scribe site is generally held for 36 months.

Please email [email protected] if you require further information.

What Rights Do I Have with Regards to My Personal Data?

To exercise your privacy rights, please send your request in writing. We may be required to verify your identity for security purposes. Your rights are outlined below:
– the right to access information we hold about you, why we have that information, who has access to the information and where we obtained the information from;
– the right to correct and update the information we hold about you. If the data we hold about you is out of date, incomplete or incorrect you can inform us and your data will be updated;
– the right to have your information erased. If you feel we should no longer be using your data you can request that we erase the data that we hold. Upon receiving a request for erasure, we will confirm whether it has been deleted or a reason why it cannot be deleted (for example because we have a legal obligation to keep the information or we need it for a legitimate business interest);
– the right to object to processing of your data. You may request that we stop processing information about you. Upon receiving your request, we will contact you and let you know if we are able to comply or if we have legitimate grounds to continue to process your data. Even after you exercise your right to object, we may continue to hold your data to comply with your other rights or bring or defend legal claims;
– the right to data portability. You have the right to request that we transfer your data to another controller;
– the right to request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data: (1) if you want us to establish the data’s accuracy; (2) where our use of the data is unlawful but you do not want us to erase it; (3) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (4) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it; or
– the right to withdraw consent at any time where we are relying on consent to process your personal data.

We will comply with your request where it is feasible to do so, within 30 days of receiving your request.

There are no fees or charges for the first request. However additional requests for the same data may become subject to an administrative fee in some circumstances.

Consent

We may rely on legitimate interest or other permitted grounds for processing your personal information.

Where we need your consent to process your information, we will ask you to confirm this in writing.

Where we do rely on consent, you have the right to change your mind and withdraw that consent at any time by writing to us. If you withdraw your consent, we will cease using any personal information obtained and processed under that consent, unless we have some other legal obligation to continue to use it.

What Happens When You Leave a Comment on Our Website?

When visitors leave comments on our Website we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

If you upload images to the Website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the Website can download and extract any location data from images on the Website.

If you request a password reset, your IP address will be included in the reset email.

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our Website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

If you have an account on this Website, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Visitor comments may be checked through an automated spam detection service.

Use of Cookies

Scribe utilises cookies to enhance your browsing experience on our Website. Details can be found in Scribe’s Cookie Policy on our Website.

Embedded Content from Other Websites

Articles on this Website may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

What Can I Do If I Am Not Satisfied with How My Personal Information Is Processed?

We aim to ensure all information collected about you is done so fairly and lawfully, whilst implementing robust measures to keep your information secure. If you are not satisfied with the information provided in this Policy, please contact us in the first instance so we can resolve your queries or provide you with any additional information required.

If you have any concerns about data protection with Scribe or this Policy, please email: [email protected], or write to us at: Blackbox, Beech Lane, Wilmslow, SK9 5ER.

Alternatively, it is your right to contact your local Data Protection Authority and lodge a complaint. In the UK the lead Data Protection Authority is the Information Commissioner. For more information, please visit the Information Commissioner’s office at: www.ico.org.uk/concerns, call them on: 0303 123 1113, or write to them at: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

Policy Effective From March 2024

Contact

[email protected]

Suite 1.08, Blackbox, Beech Lane,

Wilmslow, Cheshire, SK9 5ER

Website Terms and Conditions

Data Protection and Privacy Policy

Cookie Policy

Copyright © 2024 Scribe Construction Management Services Limited. All rights reserved.

Company registered in England and Wales No. 15579984.

© 2024 Scribe Construction Management Services Limited. Created for free using WordPress and Kubio